Unpatched Comcast Security Flaw Leaves User Data Exposed

By Jeff Gamet

Feb 11th, 2014 9:06 AM EST

Several days ago the hacking group NullCrew FTS gained access to Comcast's email servers, and then shared enough information on the Internet so that other hackers could do the same. Comcast didn't warn customers of the security breach, and was apparently warned of the flaw in December 2013, but hadn't fixed the issue.

Hackers expose steps for accessing Comcast's email servers

NullCrew FTS's report was available on Pastebin for over a day before it was removed, which means most anyone with a little Internet and hacker savvy could find the post and gain access to Comcast servers, too. The Internet service provider finally acknowledged the incident after the Pastebin post was removed.

We're aware of the situation and are aggressively investigating it. We take our customers' privacy and security very seriously and we currently have no evidence to suggest any personal customer information was obtained in this incident.

The problem is that the information needed to duplicate NullCrew FTS's steps was available for days, and once it was on the Internet, Comcast's servers saw dramatic performance hits and crashes. That's a red flag indicating the servers were being hit hard, and most likely from other hackers trying to follow NullCrew's steps.

Assuming hackers gained access to the user login information for email accounts, they could potentially get into other parts of user accounts, too, since the same login is used in other places. This is a big deal even for Comcast customers who use different email addresses for their online correspondence, because they're automatically assigned a Comcast address.

Comcast's statement isn't instilling a sense of comfort in its customers because the steps to hack the servers were available on the Internet for over 24 hours, and because the security flaw went unpatched for more than a month after it was discovered.

The photo-based social networking service Snapchat recently found itself in a similar situation when hackers made off with 4.6 million user names and phone numbers. The company downplayed the incident, and made a feeble attempt at convincing subscribers there wasn't a problem. The Snapchat app has since been updated to address the issue, but now the company is dealing with a new headache since hackers can use the app to launch denial-of-service attacks that crash victims' iPhones.

The bottom line is that Comcast's email servers were hacked, and that anyone with a Comcast account needs to change their password now to help protect themselves and their personal information.